[framework] setslice exploit for meta3 but not meta2.6?
H D Moore
hdm at metasploit.com
Sun Oct 1 11:50:43 CDT 2006
On Sunday 01 October 2006 07:07, sandalwood wrote:
>any chance someone can port the recent msie exploit to 2.6?
I will upload my version soon.
> correct me if i am wrong, but the meta3 version is missing
> 1. chunked encoding
> 2. gzip encoding
msf exploit(webview_setslice) > show evasion
[..]
Name : HTTP::chunked
Current Setting: false
Description : Enable chunking of HTTP responses via
"Transfer-Encoding: chunked"
Name : HTTP::compression
Current Setting: none
Description : Enable compression of HTTP responses via content
encoding (accepted: none, gzip, deflate)
[..]
> 3. download+exec payload
I just added it, svn update|MSFUpdate to get it.
$ msfpayload windows/download_exec S
Name: Windows Executable Download and Execute
Version: $Revision: 3534 $
Platform: Windows
Arch: x86
Needs Admin: No
Total size: 340
Provided by:
Available options:
Name Current Setting Required Description
---- --------------- -------- -----------
URL yes The pre-encoded URL to the executable
Description:
Download an EXE from a HTTP URL and execute it
-HD
More information about the framework
mailing list